ld.so: Defer applying RELRO protection
Commit Message
This is a prerequisite of a future change which applies additional
cross-object relocations after _dl_relocate_object has been called.
2018-06-05 Florian Weimer <fweimer@redhat.com>
* sysdeps/generic/ldsodefs.h (_dl_relocate_apply_relro): Declare.
* elf/rtld.c (relocate_doit): Add comment.
(dl_main): Call _dl_relocate_apply_relro.
* elf/dl-open.c (dl_open_worker): Likewise.
* elf/dl-reloc.c (_dl_relocate_object): Do not call
_dl_protect_relro.
(_dl_relocate_apply_relro): New function.
@@ -491,6 +491,8 @@ TLS generation counter wrapped! Please report this."));
}
}
+ _dl_relocate_apply_relro (new);
+
/* Notify the debugger all new objects have been relocated. */
if (relocation_in_progress)
LIBC_PROBE (reloc_complete, 3, args->nsid, r, new);
@@ -299,14 +299,8 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[],
textrels = textrels->next;
}
-
- /* In case we can protect the data now that the relocations are
- done, do it. */
- if (l->l_relro_size != 0)
- _dl_protect_relro (l);
}
-
void
_dl_protect_relro (struct link_map *l)
{
@@ -326,6 +320,19 @@ cannot apply additional memory protection after relocation");
}
}
+void
+_dl_relocate_apply_relro (struct link_map *new)
+{
+ struct link_map **lp = new->l_searchlist.r_list;
+ struct link_map **end = lp + new->l_searchlist.r_nlist;
+ for (; lp < end; ++lp)
+ {
+ struct link_map *l = *lp;
+ if (l->l_relro_size)
+ _dl_protect_relro (l);
+ }
+}
+
void
__attribute_noinline__
_dl_reloc_bad_type (struct link_map *map, unsigned int type, int plt)
@@ -574,6 +574,7 @@ struct version_check_args
int dotrace;
};
+/* Callback function used during tracing. */
static void
relocate_doit (void *a)
{
@@ -2251,6 +2252,17 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
HP_TIMING_ACCUM_NT (relocate_time, add);
}
+ /* Activate RELRO protection. In the prelink case, this was already
+ done earlier. */
+ if (! prelinked)
+ {
+ /* Make sure that this covers the dynamic linker as well.
+ TODO: rtld_multiple_ref is always true because libc.so needs
+ the dynamic linker internally. */
+ assert (rtld_multiple_ref);
+ _dl_relocate_apply_relro (main_map);
+ }
+
/* Do any necessary cleanups for the startup OS interface code.
We do these now so that no calls are made after rtld re-relocation
which might be resolved to different functions than we expect.
@@ -937,6 +937,11 @@ extern void _dl_relocate_object (struct link_map *map,
int reloc_mode, int consider_profiling)
attribute_hidden;
+/* Apply RELRO protection for all objects on the search path of NEW.
+ This is the final step of relocation processing for freshly loaded
+ objects. */
+void _dl_relocate_apply_relro (struct link_map *new) attribute_hidden;
+
/* Protect PT_GNU_RELRO area. */
extern void _dl_protect_relro (struct link_map *map) attribute_hidden;